Skip to main content
Version: latest

Tenant Roles

Global Tenant Scope

Tenant is an isolated workspace within the Palette Console. Users and teams with specific roles can be associated with the tenants and projects you create.

Each user is assigned a role and permissions, which apply to the scopes, resources, and resourceKey. The Permissions format is resourceKey.operation, where resourceKey refers to resource or the API functionality, and Operation refers to the permitted action or activity.

To view the list of the predefined roles and permissions, ensure you are in the project scope Tenant. Next, navigate to the left Main Menu and click on Tenant Settings > Roles, and you will find the list of Global Roles. If you need to extend permissions, create a custom role by using the Create Role option.

Below is the list of Roles and Permissions that already predefined for the Global Tenant Scope.


info

All users can view tags assigned to a resource. In technical terms, all users inherit the permission tag.get by default.


Tenants


Role NamesDescription
Tenant AdminAllows the user to create projects and manage projects within the tenant, covered under all operations related to projects
Tenant ViewerProvides a read only access to all the project resources
Tenant Project AdminThe role with complete access to an existing project

The table enlists the role wise resourceKeys and Operations that are predefined under the Global Tenant Scope:




Tenant Admin


resourceKeysOperations

CreateDeleteGetListUpdateImportPublishBackupRestore
apiKey
audit
cloudaccount
cloudconfig
cluster
clusterProfile
clusterRbac
dnsMapping
edgehost
location
machine
macro
packRegistry
privateGateway
project
role
sshKey
team
tag
user
workspace





Cluster Profile


Role NamesDescription
Tenant Cluster Profile AdminA role which has complete access to all the Cluster Profile related operations
CreateDeleteGetListUpdateImportPublishBackupRestore
clusterProfile
macro
packRegistry
tag



Tenant Role


Role NamesDescription
Tenant Role AdminA role which has complete access to all the Role related perations
CreateDeleteGetListUpdateImportPublishBackupRestore
role



Tenant Team


Role NamesDescription
Tenant Team AdminA role which has complete access to all the Team related operations
CreateDeleteGetListUpdateImportPublishBackupRestore
apiKey
audit
team
user



Tenant User


Role NamesDescription
Tenant User Admin RoleA role which has complete access to all the User related operations
CreateDeleteGetListUpdateImportPublishBackupRestore
apiKey
audit
user

Tenants Cluster Group


Role NamesDescription
Tenants Cluster Group AdminAllows the user to create and manage cluster groups within the tenant, covered under all operations related to cluster groups
Tenants Cluster Group EditorThe role can perform edit operations related to a cluster group, but the user is not able to create or delete a cluster group
Tenants Cluster Group ViewerProvides a read only access to all the cluster group resources

The table lists role resourceKeys and operations that are predefined under the Global Tenant Scope:




Tenant Cluster Group Admin


resourceKeysOperations

CreateDeleteGetListUpdateImportPublishBackupRestore
cluster
clusterGroup
tag